From 6b15c4dd35d204feffba2527c0df3ba4811199dd Mon Sep 17 00:00:00 2001 From: Maxim Mironenko Date: Mon, 4 Jan 2021 16:51:55 +0700 Subject: [PATCH 1/2] Terraform 0.14 upgrade --- .github/CODEOWNERS | 13 ++++-- .github/auto-release.yml | 39 +++++++++------- .github/mergify.yml | 52 +++++++++++++++++++++ .github/workflows/auto-context.yml | 55 +++++++++++++++++++++++ .github/workflows/auto-readme.yml | 41 +++++++++++++++++ .github/workflows/chatops.yml | 4 +- .github/workflows/validate-codeowners.yml | 18 ++++++++ README.md | 21 ++++++--- context.tf | 3 +- docs/targets.md | 2 - docs/terraform.md | 2 +- examples/complete/context.tf | 3 +- examples/complete/main.tf | 9 ++-- main.tf | 6 ++- versions.tf | 12 +++-- 15 files changed, 239 insertions(+), 41 deletions(-) create mode 100644 .github/mergify.yml create mode 100644 .github/workflows/auto-context.yml create mode 100644 .github/workflows/auto-readme.yml create mode 100644 .github/workflows/validate-codeowners.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 07b38d2..ceb4644 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,7 +1,7 @@ # Use this file to define individuals or teams that are responsible for code in a repository. # Read more: # -# Order is important: the last matching pattern takes the most precedence +# Order is important: the last matching pattern has the highest precedence # These owners will be the default owners for everything * @cloudposse/engineering @cloudposse/contributors @@ -13,5 +13,12 @@ # Cloud Posse must review any changes to GitHub actions .github/* @cloudposse/engineering -# Cloud Posse must review any changes to standard context definition -**/context.tf @cloudposse/engineering +# Cloud Posse must review any changes to standard context definition, +# but some changes can be rubber-stamped. +**/context.tf @cloudposse/engineering @cloudposse/approvers +README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers +docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers + +# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration +.github/mergify.yml @cloudposse/admins +.github/CODEOWNERS @cloudposse/admins diff --git a/.github/auto-release.yml b/.github/auto-release.yml index 2836185..18a1ca6 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -4,30 +4,35 @@ version-template: '$MAJOR.$MINOR.$PATCH' version-resolver: major: labels: - - 'major' + - 'major' minor: labels: - - 'minor' - - 'enhancement' + - 'minor' + - 'enhancement' patch: labels: - - 'patch' - - 'fix' - - 'bugfix' - - 'bug' - - 'hotfix' + - 'auto-update' + - 'patch' + - 'fix' + - 'bugfix' + - 'bug' + - 'hotfix' default: 'minor' categories: - - title: '🚀 Enhancements' - labels: - - 'enhancement' - - title: '🐛 Bug Fixes' - labels: - - 'fix' - - 'bugfix' - - 'bug' - - 'hotfix' +- title: '🚀 Enhancements' + labels: + - 'enhancement' + - 'patch' +- title: '🐛 Bug Fixes' + labels: + - 'fix' + - 'bugfix' + - 'bug' + - 'hotfix' +- title: '🤖 Automatic Updates' + labels: + - 'auto-update' change-template: |
diff --git a/.github/mergify.yml b/.github/mergify.yml new file mode 100644 index 0000000..485982f --- /dev/null +++ b/.github/mergify.yml @@ -0,0 +1,52 @@ +pull_request_rules: +- name: "approve automated PRs that have passed checks" + conditions: + - "check-success~=test/bats" + - "check-success~=test/readme" + - "check-success~=test/terratest" + - "base=master" + - "author=cloudpossebot" + - "head~=auto-update/.*" + actions: + review: + type: "APPROVE" + bot_account: "cloudposse-mergebot" + message: "We've automatically approved this PR because the checks from the automated Pull Request have passed." + +- name: "merge automated PRs when approved and tests pass" + conditions: + - "check-success~=test/bats" + - "check-success~=test/readme" + - "check-success~=test/terratest" + - "base=master" + - "head~=auto-update/.*" + - "#approved-reviews-by>=1" + - "#changes-requested-reviews-by=0" + - "#commented-reviews-by=0" + - "base=master" + - "author=cloudpossebot" + actions: + merge: + method: "squash" + +- name: "delete the head branch after merge" + conditions: + - "merged" + actions: + delete_head_branch: {} + +- name: "ask to resolve conflict" + conditions: + - "conflict" + actions: + comment: + message: "This pull request is now in conflict. Could you fix it @{{author}}? 🙏" + +- name: "remove outdated reviews" + conditions: + - "base=master" + actions: + dismiss_reviews: + changes_requested: true + approved: true + message: "This Pull Request has been updated, so we're dismissing all reviews." diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml new file mode 100644 index 0000000..739a3c9 --- /dev/null +++ b/.github/workflows/auto-context.yml @@ -0,0 +1,55 @@ +name: "auto-context" +on: + schedule: + # Update context.tf nightly + - cron: '0 3 * * *' + +jobs: + update: + if: github.event_name == 'schedule' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Update context.tf + shell: bash + id: update + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + if [[ -f context.tf ]]; then + echo "Discovered existing context.tf! Fetching most recent version to see if there is an update." + curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf + if git diff --no-patch --exit-code context.tf; then + echo "No changes detected! Exiting the job..." + else + echo "context.tf file has changed. Update examples and rebuild README.md." + make init + make github/init/context.tf + make readme/build + echo "::set-output name=create_pull_request=true" + fi + else + echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates." + fi + + - name: Create Pull Request + if: {{ steps.update.outputs.create_pull_request == 'true' }} + uses: cloudposse/actions/github/create-pull-request@0.22.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + commit-message: Update context.tf from origin source + title: Update context.tf + body: |- + ## what + This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` + + ## why + To support all the features of the `context` interface. + + branch: auto-update/context.tf + base: master + delete-branch: true + labels: | + auto-update + context diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml new file mode 100644 index 0000000..6229e60 --- /dev/null +++ b/.github/workflows/auto-readme.yml @@ -0,0 +1,41 @@ +name: "auto-readme" +on: + schedule: + # Update README.md nightly + - cron: '0 4 * * *' + +jobs: + update: + if: github.event_name == 'schedule' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Update readme + shell: bash + id: update + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + make init + make readme/build + + - name: Create Pull Request + uses: cloudposse/actions/github/create-pull-request@0.20.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + commit-message: Update README.md and docs + title: Update README.md and docs + body: |- + ## what + This is an auto-generated PR that updates the README.md and docs + + ## why + To have most recent changes of README.md and doc from origin templates + + branch: auto-update/readme + base: master + delete-branch: true + labels: | + auto-update + readme diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml index 0d94310..4ddc067 100644 --- a/.github/workflows/chatops.yml +++ b/.github/workflows/chatops.yml @@ -9,7 +9,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: "Handle common commands" - uses: cloudposse/actions/github/slash-command-dispatch@0.16.0 + uses: cloudposse/actions/github/slash-command-dispatch@0.22.0 with: token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} @@ -24,7 +24,7 @@ jobs: - name: "Checkout commit" uses: actions/checkout@v2 - name: "Run tests" - uses: cloudposse/actions/github/slash-command-dispatch@0.16.0 + uses: cloudposse/actions/github/slash-command-dispatch@0.22.0 with: token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml new file mode 100644 index 0000000..8044289 --- /dev/null +++ b/.github/workflows/validate-codeowners.yml @@ -0,0 +1,18 @@ +name: Validate Codeowners +on: + pull_request: + +jobs: + validate-codeowners: + runs-on: ubuntu-latest + steps: + - name: "Checkout source code at current commit" + uses: actions/checkout@v2 + - uses: mszostok/codeowners-validator@v0.5.0 + with: + # For now, remove "files" check to allow CODEOWNERS to specify non-existent + # files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos + # checks: "files,syntax,owners,duppatterns" + checks: "syntax,owners,duppatterns" + # GitHub access token is required only if the `owners` check is enabled + github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}" diff --git a/README.md b/README.md index 567a34a..61eb4b8 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ + # terraform-aws-lambda-elasticsearch-cleanup [![GitHub Action Build Status](https://github.com/cloudposse/terraform-aws-lambda-elasticsearch-cleanup/workflows/Lambda/badge.svg?branch=master)](https://github.com/cloudposse/terraform-aws-lambda-elasticsearch-cleanup/actions?query=workflow%3ALambda) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-lambda-elasticsearch-cleanup.svg)](https://github.com/cloudposse/terraform-aws-lambda-elasticsearch-cleanup/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + [![README Header][readme_header_img]][readme_header_link] @@ -68,8 +70,15 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are ## Usage -**IMPORTANT:** The `master` branch is used in `source` just as an example. In your code, do not pin to `master` because there may be breaking changes between releases. -Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-lambda-elasticsearch-cleanup/releases). +**IMPORTANT:** We do not pin modules to versions in our examples because of the +difficulty of keeping the versions in the documentation in sync with the latest released versions. +We highly recommend that in your code you pin the version to the exact version you are +using so that your infrastructure remains stable, and update versions in a +systematic way so that they do not catch you by surprise. + +Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)), +the registry shows many of our inputs as required when in fact they are optional. +The table below correctly indicates which inputs are required. @@ -131,8 +140,6 @@ by starting with `^`). ```text Available targets: - build Build Lambda function zip - dependencies Install dependencies help Help screen help/all Display help for all targets help/short This help short screen @@ -152,7 +159,7 @@ is given | Name | Version | |------|---------| -| terraform | >= 0.12.0 | +| terraform | >= 0.12.26 | | aws | >= 2.0 | | null | >= 2.0 | @@ -295,7 +302,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. ## Copyright -Copyright © 2017-2020 [Cloud Posse, LLC](https://cpco.io/copyright) +Copyright © 2017-2021 [Cloud Posse, LLC](https://cpco.io/copyright) @@ -352,8 +359,10 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply ### Contributors + | [![Josh Myers][joshmyers_avatar]][joshmyers_homepage]
[Josh Myers][joshmyers_homepage] | [![Erik Osterman][osterman_avatar]][osterman_homepage]
[Erik Osterman][osterman_homepage] | [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]
[Andriy Knysh][aknysh_homepage] | [![Igor Rodionov][goruha_avatar]][goruha_homepage]
[Igor Rodionov][goruha_homepage] | [![Marcin Brański][3h4x_avatar]][3h4x_homepage]
[Marcin Brański][3h4x_homepage] | |---|---|---|---|---| + [joshmyers_homepage]: https://github.com/joshmyers [joshmyers_avatar]: https://img.cloudposse.com/150x150/https://github.com/joshmyers.png diff --git a/context.tf b/context.tf index bae0cf1..f5f2797 100644 --- a/context.tf +++ b/context.tf @@ -19,7 +19,8 @@ # module "this" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2" + source = "cloudposse/label/null" + version = "0.22.1" // requires Terraform >= 0.12.26 enabled = var.enabled namespace = var.namespace diff --git a/docs/targets.md b/docs/targets.md index 058caf7..3dce8b3 100644 --- a/docs/targets.md +++ b/docs/targets.md @@ -3,8 +3,6 @@ ```text Available targets: - build Build Lambda function zip - dependencies Install dependencies help Help screen help/all Display help for all targets help/short This help short screen diff --git a/docs/terraform.md b/docs/terraform.md index 1614cf0..39fe611 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -10,7 +10,7 @@ is given | Name | Version | |------|---------| -| terraform | >= 0.12.0 | +| terraform | >= 0.12.26 | | aws | >= 2.0 | | null | >= 2.0 | diff --git a/examples/complete/context.tf b/examples/complete/context.tf index bae0cf1..f5f2797 100644 --- a/examples/complete/context.tf +++ b/examples/complete/context.tf @@ -19,7 +19,8 @@ # module "this" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2" + source = "cloudposse/label/null" + version = "0.22.1" // requires Terraform >= 0.12.26 enabled = var.enabled namespace = var.namespace diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 938c708..7e87c71 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -3,7 +3,8 @@ provider "aws" { } module "vpc" { - source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.17.0" + source = "cloudposse/vpc/aws" + version = "0.17.0" cidr_block = "172.16.0.0/16" @@ -11,7 +12,8 @@ module "vpc" { } module "subnets" { - source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.30.0" + source = "cloudposse/dynamic-subnets/aws" + version = "0.30.0" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id @@ -24,7 +26,8 @@ module "subnets" { } module "elasticsearch" { - source = "git::https://github.com/cloudposse/terraform-aws-elasticsearch.git?ref=tags/0.24.0" + source = "cloudposse/elasticsearch/aws" + version = "0.24.0" security_groups = [module.vpc.vpc_default_security_group_id] vpc_id = module.vpc.vpc_id diff --git a/main.tf b/main.tf index 3a44f54..2c512ae 100644 --- a/main.tf +++ b/main.tf @@ -88,7 +88,8 @@ locals { # Modules #-------------------------------------------------------------- module "label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2" + source = "cloudposse/label/null" + version = "0.19.2" attributes = compact(concat(module.this.attributes, ["elasticsearch", "cleanup"])) @@ -96,7 +97,8 @@ module "label" { } module "artifact" { - source = "git::https://github.com/cloudposse/terraform-external-module-artifact.git?ref=tags/0.5.0" + source = "cloudposse/module-artifact/external" + version = "0.5.0" enabled = module.this.enabled filename = "lambda.zip" module_name = "terraform-aws-lambda-elasticsearch-cleanup" diff --git a/versions.tf b/versions.tf index f4a8e78..ed2b746 100644 --- a/versions.tf +++ b/versions.tf @@ -1,7 +1,13 @@ terraform { - required_version = ">= 0.12.0" + required_version = ">= 0.12.26" required_providers { - aws = ">= 2.0" - null = ">= 2.0" + aws = { + source = "hashicorp/aws" + version = ">= 2.0" + } + null = { + source = "hashicorp/null" + version = ">= 2.0" + } } } From 8ae09ce6bc9fab27f3f17825de8f44e28658f127 Mon Sep 17 00:00:00 2001 From: actions-bot <58130806+actions-bot@users.noreply.github.com> Date: Thu, 7 Jan 2021 14:16:41 +0000 Subject: [PATCH 2/2] Updated README.md --- README.md | 2 ++ docs/targets.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/README.md b/README.md index 61eb4b8..6ad7602 100644 --- a/README.md +++ b/README.md @@ -140,6 +140,8 @@ by starting with `^`). ```text Available targets: + build Build Lambda function zip + dependencies Install dependencies help Help screen help/all Display help for all targets help/short This help short screen diff --git a/docs/targets.md b/docs/targets.md index 3dce8b3..058caf7 100644 --- a/docs/targets.md +++ b/docs/targets.md @@ -3,6 +3,8 @@ ```text Available targets: + build Build Lambda function zip + dependencies Install dependencies help Help screen help/all Display help for all targets help/short This help short screen